OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gd?expand=0&rev=2

gd-2.0.32-warn.patch

@@ -1,11 +0,0 @@
---- gdkanji.c
-+++ gdkanji.c
-@@ -390,7 +390,7 @@
-   from_len = strlen ((const char *) from) + 1;
-   to_len = BUFSIZ;
- 
--  if ((int) (iconv (cd, (char **) &from, &from_len, (char **) &to, &to_len))
-+  if ((int) (iconv (cd, &from, &from_len, &to, &to_len))
-       == -1)
-     {
- #ifdef HAVE_ERRNO_H

gd-2.0.32.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:08234fb2742f3e1298a5581593ba35dbc949ec821128102f8987cfa706d20c73
-size 500507

gd-2.0.34-warn.patch

@@ -0,0 +1,11 @@
+--- gdkanji.c
++++ gdkanji.c
+@@ -392,7 +392,7 @@
+   from_len = strlen ((const char *)from) + 1;
+   to_len = BUFSIZ;
+ 
+-  if ((int) (iconv (cd, (char **)from_p, &from_len, (char **)to_p, &to_len))
++  if ((int) (iconv (cd, from_p, &from_len, to_p, &to_len))
+       == -1)
+     {
+ #ifdef HAVE_ERRNO_H

gd-2.0.34.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:66baa531a860ca3e071d47eec7c0823c534a8a4dadf4cba6d17eeb6d4159d22f
+size 1135372

gd-CAN-2004-0941.patch

@@ -1,17 +0,0 @@
---- gd_png.c.CAN-2004-0941	2004-11-11 14:02:37.407589824 -0500
-+++ gd_png.c	2004-11-11 14:04:29.672522960 -0500
-@@ -188,6 +188,14 @@
- 
-   png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
- 		&interlace_type, NULL, NULL);
-+  if (overflow2(sizeof (int), width)) 
-+    {
-+      return NULL;
-+    }
-+  if (overflow2(sizeof (int) * width, height)) 
-+    {
-+      return NULL;
-+    }  
-   if ((color_type == PNG_COLOR_TYPE_RGB) ||
-       (color_type == PNG_COLOR_TYPE_RGB_ALPHA))
-     {

gd-gif-read.patch

@@ -1,27 +0,0 @@
---- gd_gif_in.c
-+++ gd_gif_in.c
-@@ -42,7 +42,7 @@
- #define LOCALCOLORMAP  0x80
- #define BitSet(byte, bit)      (((byte) & (bit)) == (bit))
- 
--#define        ReadOK(file,buffer,len) (gdGetBuf(buffer, len, file) != 0)
-+#define        ReadOK(file,buffer,len) (gdGetBuf(buffer, len, file) == len)
- 
- #define LM_to_uint(a,b)                        (((b)<<8)|(a))
- 
-@@ -272,13 +272,13 @@
-        unsigned char   count;
- 
-        if (! ReadOK(fd,&count,1)) {
--               return -1;
-+               return 0;
-        }
- 
-        *ZeroDataBlockP = count == 0;
- 
-        if ((count != 0) && (! ReadOK(fd, buf, count))) {
--               return -1;
-+               return 0;
-        }
- 
-        return count;

gd-security.patch

@@ -1,28 +1,14 @@
 --- gd.c
 +++ gd.c
-@@ -74,6 +74,10 @@
-   im = (gdImage *) gdMalloc (sizeof (gdImage));
+@@ -147,6 +151,7 @@
+   }
    memset (im, 0, sizeof (gdImage));
-   /* Row-major ever since gd 1.3 */
-+  if (overflow2(sizeof (unsigned char *), sy)) {
+   if (overflow2(sizeof (int *), sy)) {
 +    gdFree(im);
-+    return NULL;
-+  }
-   im->pixels = (unsigned char **) gdMalloc (sizeof (unsigned char *) * sy);
-   im->polyInts = 0;
-   im->polyAllocated = 0;
-@@ -114,6 +118,10 @@
-   gdImagePtr im;
-   im = (gdImage *) gdMalloc (sizeof (gdImage));
-   memset (im, 0, sizeof (gdImage));
-+  if (overflow2(sizeof (int *), sy)) {
-+    gdFree(im);
-+    return NULL;
-+  }
+     return 0;
+   }
    im->tpixels = (int **) gdMalloc (sizeof (int *) * sy);
-   im->polyInts = 0;
-   im->polyAllocated = 0;
-@@ -2462,6 +2470,8 @@
+@@ -2757,6 +2762,8 @@
      }
    bytes = (w * h / 8) + 1;
    im = gdImageCreate (w, h);

gd.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Feb 20 11:47:45 CET 2007 - nadvornik@suse.cz
+
+- updated to 2.0.34:
+  * security fixes merged upstream
+  * various other bugfixes
+
 -------------------------------------------------------------------
 Wed Aug 16 20:13:13 CEST 2006 - aj@suse.de
 

gd.spec

@@ -1,7 +1,7 @@
 #
-# spec file for package gd (Version 2.0.32)
+# spec file for package gd (Version 2.0.34)
 #
-# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
 # package are under the same license as the package itself.
 #
@@ -12,21 +12,20 @@
 
 Name:           gd
 BuildRequires:  fontconfig-devel freetype2-devel libjpeg-devel libpng-devel xorg-x11-libX11-devel xorg-x11-libXau-devel xorg-x11-libXdmcp-devel xorg-x11-libXpm-devel
-License:        Other License(s), see package, X11/MIT
+License:        X11/MIT
 Group:          System/Libraries
 Obsoletes:      gdlib 
 Autoreqprov:    on
-Version:        2.0.32
-Release:        29
+Version:        2.0.34
+Release:        1
 URL:            http://www.boutell.com/gd/
 Summary:        A Drawing Library for Programs That Use PNG and JPEG Output
 Source:         gd-%{version}.tar.bz2
 Patch0:         gd-%{version}-warn.patch
-Patch1:         gd-CAN-2004-0941.patch
+#Patch1:         gd-CAN-2004-0941.patch
 Patch2:         gd-format.patch
 Patch3:         gd-aliasing.patch
 Patch4:         gd-security.patch
-Patch5:         gd-gif-read.patch
 Patch6:         gd-fontpath.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
@@ -44,7 +43,7 @@ Authors:
 
 %package devel
 Requires:       %{name} = %{version} expat fontconfig-devel freetype2-devel glibc-devel libjpeg-devel libpng-devel xorg-x11-libXpm-devel xorg-x11-libX11-devel xorg-x11-libXau-devel xorg-x11-libXdmcp-devel
-License:        X11/MIT, Other License(s), see package
+License:        X11/MIT
 Summary:        Drawing Library for Programs with PNG and JPEG Output
 Group:          Development/Libraries/C and C++
 Autoreqprov:    on
@@ -64,12 +63,10 @@ Authors:
 
 %prep
 %setup -q
-%patch0
-%patch1
+#%patch0
 %patch2 -p1
 %patch3
 %patch4
-%patch5
 %patch6
 
 %build
@@ -138,7 +135,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/*.a
 %{_libdir}/*.la
 
-%changelog -n gd
+%changelog
+* Tue Feb 20 2007 - nadvornik@suse.cz
+- updated to 2.0.34:
+  * security fixes merged upstream
+  * various other bugfixes
 * Wed Aug 16 2006 - aj@suse.de
 - Reduce BuildRequires.
 * Wed Aug 16 2006 - aj@suse.de